January was a busy month for the developers of Dyre/Dyreza. The group reintroduced their Upatre link spam with some additional subterfuge. This article will explore two types of spambots that Dyre utilizes; the following diagram presents a simplified visual on how each type executes. Dyre bot operators have started to JJencode

Job seekers beware. A login-credential-stealing Trojan is trying to steal your email address and password when you access CareerBuilder.com. We recently reported on the evolution of Dyre as observed by ThreatTrack Security Labs. The latest development to this data-stealing Trojan, also known as Dyreza, is an expanded

ThreatTrack Security Labs researchers continue to monitor the evolution of Dyre (aka Dyreza), the banking-credential-stealing Trojan that appears to be quickly filling the gap left by the takedown of GameOver Zeus. We reported earlier on how Dyre has been associated with malicious spam utilizing the Upatre downloader, and

ThreatTrack Security Labs recently identified some unsurprising holiday shopping threats via a seasonal malware delivery ploy: malicious holiday shopping spam. This particular campaign targeted customers of major retailers with a Thanksgiving Day message, but it would be best to stay on guard for similar ploys throughout the

2014 was a record year for data breaches, with big name companies like Home Depot, Staples, Michaels and Neiman Marcus all disclosing breaches that affected millions of consumers. Heading into the 2014 holiday shopping season, some security insiders are warning that another big data breach disclosure is

ThreatTrack Security today published the study 2015 Predictions from the Front Lines which found that expectations for data security next year are surprisingly optimistic given the harsh reality of 2014, which has been the worst year on record for data breaches. Enterprise security staffers are so confident

ThreatTrack Security Labs researchers spotted a nasty malicious spam campaign making the rounds. Users receive an email that claims to be from ADP (see image and full email text below), with urgent warnings about a non-existent past due invoice. The message attempts to make recipients click one

Is Rogue AV dead? That’s one of those questions people like to ask from time to time, especially when threats like CryptoLocker or CryptoWall emerge with the ability to extort money out of victims to recover encrypted files. After all, when you have something as powerful as